Hackers, Passwords, and Online Identity, Part 3: Online Privacy
This is the final article in a three part series on Net Security and Privacy following ‘Change your passwords day’ which occurred on February 1st. It discusses recent online attacks, privacy concerns, and realistic net security tips for the rest of us. Part 1: Forgot your password? Part 2: Who can you trust?
When you lock the front door of your home, you block out third-parties from accessing your private data. The internet works in a similar way, yet it is the corporation who owns your account, and even sometimes your ISP, whose job it is to keep your data and identity private. But often, to introduce new features or functionality, these organisations and websites sacrifice privacy. So, who has access to what, how can you block them out, and how can you stop unauthorised people from getting hold of your most important and private material?
Facebook's refreshed privacy pane
At the very peak of media scrutiny is the world’s largest social network, Facebook, who recently went public, valued at just under $100 Billion. With around 800 million users, Facebook has a lot of data to look after, a vast range of people to keep happy, and overwhelming levels of trust from these people. Surely they would put all their best people, and a large amount of their hoards of money to fulfill this trust. Undoubtedly, they do, yet they haven’t yet fully succeeded. Very few people ever look at their privacy settings, which were slated by the press for allowing the entire internet to view wall posts, pictures and likes by default. While this has been changed to include ‘per post’ privacy settings thanks to a US Federal Trade Commission ruling, the time it took to implement these still uncompetitive features is regarded as unacceptable.
By setting your privacy options on Facebook to ‘Friends of Friends’, which seems pretty safe and secure at first, makes the average users details visible to over 150,000 people, research centre Pew Internet revealed.
Facebook users can reach an average of more than 150,000 Facebook users through their Facebook friends; the median user can reach about 31,000 others. At two degrees of separation (friends-of-friends), Facebook users in our sample can on average reach 156,569 other Facebook users. However, the relatively small number of users with very large friends lists, who also tended to have lists that are less interconnected, overstates the reach of the typical Facebook user. In our sample, the maximum reach was 7,821,772 other Facebook users. The median user (the middle user from our sample) can reach 31,170 people through their friends-of-friends.
This alarming discovery once again shows how easily users can be fooled into sharing data, and how poorly devised vitally consequential privacy options can be.
Users of competing networks don’t seem to be suffering so badly; Twitter and Google+ are currently in good standing for privacy, compared to Facebook, yet Twitter’s default settings to share all information with the whole internet may be concerning. It is often regarded as a ‘public venue’, although the ‘protect my tweets’ option is popular among the security conscious. Google+ thrived for excellent privacy options upon its launch, yet its falling popularity means it proves no contest against any other networks for the time being.
Veering away from social networks, Google is currently under scrutiny, and has been since it’s launch of the ‘Street View’ addition to Google Maps. This is the service, introduced in 2007, which enables visitors to the mapping service to see 360 degree views of roads in thousands of towns and cities worldwide. Some critics dubbed Street View a ‘Burglar’s Charter‘, as homes could be located and surveyed without any suspicion. To face these claims, Google agreed to safeguards which include the option to contact Google, to have your house blurred, or in some cases removed entirely from the site. They also, very promptly after launch, began to blur out faces and car registration plates to secure user’s privacy. Yet whatever Google do, Street View will always fill its primary function: to visit anywhere, anytime, without anyone knowing.
To add to Google’s troubles, this month it was revealed that Google ‘exploited’ the Safari web browser to collect personal browsing data when monitoring users, even when Safari was set to block this behaviour. Google have responded to the Wall Street Journal’s initial report by removing the offending code. Google did this in an attempt to tailor advertising to suit different visitors and other advertisers are expected to have used the same loophole. It can partly be blamed on Apple, who had not fully secured the browser used on the 300 million iPhones, iPads and iPods in circulation. The worrying thing is that Google knew what they were doing, and did nothing about it.
Unless you remove every trace of yourself off the internet, by deleting all online accounts, it is hard to evade these dangers. You can avoid letting criminals access much of your data by not logging into accounts on shared computers or public wi-fi networks and you can encrypt emails you send to avoid malicious interception.
Make sure you don’t reveal personal data to anyone you don’t trust on the net, just like in real life, or you could be vulnerable to spam (commercial, often bogus messages sent to thousands of users). It may even be worth making a new email account, which you give to sites you don’t entirely trust so your personal and business accounts are free from spam and possibly phishing. Remember to never reply to spam, and definitely don’t pass on any further details to the spammer. Even asking them to stop confirms that the email address exists and is being read by a real person so those initiating it will feel it necessary to send even more. If you ever suspect an email isn’t who it says it is from (email addresses can be manipulated to make messages seem official) contact the company who you suspect the spammer maybe impersonating to confirm the message was legitimate. I personally once received the below email from ‘support@twitter.com’, which after a short investigation I found originated from the Philippines and had no relation to Twitter whatsoever; the ‘Click to complete offers’ partly gave it away anyhow. Also note the snippet from the email ‘header’, which shows the message was pinpointed as spam by google’s servers.
Spam Email, sent as Twitter. Click to Enlarge.
In conclusion, even the big companies make mistakes, and it is almost impossible to maintain a high level of privacy, if you have a high online presence. Make sure that any details given out are only to those you trust and confirm your social networks’ privacy settings are to your liking. I leave you with an infographic, which outlines some privacy issues including mistakes Facebook have made in the past.
Source: wordstream.com
This marks the end of the Hackers, Passwords, and Online Identity series. Take the tips and information on board, and keep safe and secure. Thanks for reading!
